security | Shweta Taneja

October 7, 2016July 25, 2016

Log off from the internet, step by step

A 101 on removing your personal data from the Internet. But be warned: it’s a painful exercise

Had enough of selfies, tweets, posts and searches? Tired of bots tracking and predicting every move of yours? If you want to get back to being anonymous, here’s how you can systematically delete personal information from the World Wide Web.

STEP 1: Target social media

Posts, photos, thoughts, tumblers, tweets…. We have all posted endless numbers of things online on various social media accounts. Start by deleting all these accounts: Facebook, Google Plus, LinkedIn, Instagram, Pinterest, YouTube. All of them have the option to deactivate an account. If you are still not able to figure out how to delete a particular social media account, head to DeleteYourAccount.com, which tells you the process for 34 social media accounts.

STEP 2: Get hold of other accounts

Remember that shopping site where you created an account because they had an offer you just couldn’t resist? Or that food app which had promised a free dinner if you signed up with them? Even that dating site you visited once? And that game you played for a day and then forgot about? It’s time to go through your emails and list all the obscure accounts you’ve created over the years. If you’re not sure, simply search for your name and the usernames you use in Google, Bing, Yahoo and other search engines. You may have forgotten the passwords or the account could have been deactivated simply because you haven’t used it in a long time.

But if you really want to wipe that slate clean, you will need to reset the password, sign in to reactivate the account, and then proceed to delete it. Most of the online companies allow you to deactivate, but there’s no guarantee that all of them will actually delete all the data they have collected about you, says Thejesh G.N., a Bengaluru-based technologist and co-founder of DataMeet, a community of open-data enthusiasts. “Unfortunately, in India we don’t have any legal option to demand that the personal data be deleted by the online or telecommunication company,” he says. This is why the other steps that follow are important.

STEP 3: Unsubscribe mailing lists

There was a time before social media when we used to subscribe to the newsletters of different websites. You might still be old-fashioned and get emails from Google and Yahoo groups and various forums, as well as from associations and sundry accounts that you have subscribed to. Go through your Inbox, Spam and Junk folders and methodically unsubscribe from each of these groups.

STEP 4: Dumb down your phone

Every app that you downloaded on your smartphone collects some kind of data about you. “Apps send off location, geo-tags, your search patterns, contacts, and sometimes even read your messages,” says Rakshit Tandon, cyber-security consultant with the Internet and Mobile Association of India, who does workshops with law-enforcement agencies on Internet security.

The ideal way is to remove the Internet factor—switch off 2G, 3G and 4G and use your smartphone only to make calls. If you don’t want to switch off the World Wide Web completely, start by controlling the apps. Uninstall the apps you don’t require and haven’t used for a while. Then head to the app websites and delete your personal account from there. Simply uninstalling the app won’t delete your personal information from the company’s servers.

If you want to make sure personal data is removed by the app owners, email the webmasters of the companies running these apps and ask them to erase your personal content. If you don’t want to uninstall the app from the phone, make sure you know what permissions each of these apps is using. In most phones, you can head to App Settings and you’ll know what all you’ve said yes to. Switch off the permissions you don’t want to give, or uninstall if the app refuses to work without these.

STEP 5: Remove search engine results

Would you want your name to vanish from search engine results? If the answer is yes, then most of the search engines let you remove certain links—which come up when you search your name—that might be harming your reputation. However, if the mention is not harming your reputation in any way or isn’t a copyright infringement or harassment, as decided by the search engine company, it might be hard to get a search engine to remove links about you. In that case, click on each of the links, head to the individual websites that are using your name in news, mentions, or listings, and email each webmaster of these websites, requesting them to remove mentions about you from their sites.

STEP 6: Become browser-anonymous

When you next want to go online and search, make sure you do it anonymously. By default, most browsers track your activity. Opt for Incognito modes in the browser. Enable Privacy Badger (www.eff.org/privacybadger; free for Chrome and Firefox) to make sure cookies are disabled and third-party trackers are not secretly seeing what you check online. Install AdBlock Plus (Adblockplus.org; free on Firefox, Chrome and Safari) to block banner ads, pop-up ads, tracking cookies and scripts.

Another thing you can do is make sure you have opted out of Google Analytics tracking. Go to Tools.google.com/dlpage/gaoptout and opt out. If you like anonymity but do want to browse, consider the open-source anonymous Tor Project (Torproject.org), which lets you browse online and communicate with others without tracking you.

STEP 7: Reinvent

Some online companies don’t delete information on their servers even if you delete your account with them. In that case, give misleading information, like the wrong birth date, name, surname, age, profile photos, etc.

Complete article at livemint.com

July 26, 2012June 16, 2016

The smartphone recovery guide

What to do when you can’t find your personal supercomputer-phone, and why it is important to inform the police

When Charneeta Kaur, an assistant professor at the Pearl Academy of Fashion, Delhi, realized she had left her Sony Ericsson Xperia X10 Mini Pro in a car showroom, the first thing that struck her was not how much it had cost but how much of her personal information had just become vulnerable. A smartphone is not just a calling device but a full-fledged personal computer for many.

“I am permanently logged into my personal and corporate email, WhatsApp, and social networks like Facebook and Twitter. A lot of my private stuff is on my phone, including my photos,” says Kaur. Even though she had a code lock activated, she was sure it could be broken into and misused. “I was afraid that the person who might find it will be able to browse through the data on my phone.” She changed her email, chat and social network passwords.

Lost your phone? Keep the Imei number handy. It can help the police track it.

One thing she didn’t do was complain to the police. “What is the point in filing an FIR? It’s not as if they will find my phone for me,” she shrugs.

But this is where Kaur is wrong, according to Rakshit Tandon, consultant, Internet and Mobile Association of India. The police just might have. “If you have the Imei (international mobile equipment identity) number of your smartphone, your phone can be tracked,” says Tandon, who advises law enforcement officers in cybercrime investigation. Every mobile handset in the world has a unique Imei number. “In India, only the surveillance cell of police can legally track a device through its Imei number, so the first thing to do as soon as you lose your cellphone is to file an FIR,” says Tandon.

If your phone has passwords for email, social networks, ATM PINs, bank account details and corporate documents, one important step is to activate the lock code and the phone tracker, which comes inbuilt with most smartphones. “It’s surprising how many people, even those who are using their phone to access corporate emails and mobile banking, don’t take these two simple steps,” says Tandon.

In 2011, software security solutions provider Symantec conducted a study—The Symantec Smartphone Honey Stick Project—in the US and Canada, leaving smartphones on newspaper boxes, park benches, elevators and other places for passers-by to find. The study, released this March, found that 96% of the phones had been accessed by the people who found them. Of them, 89% looked at personal apps such as social networks, email, online banking and pictures, while 83% looked at “corporate” apps, HR cases, salary, corporate emails and information.

Left your phone on the café table; lost it in a shop; or did it just get stolen? Here’s what to do:

Try and track it

If you cannot locate your phone physically, try the global positioning system (GPS) route. If your GPS was on before the phone got lost, you might be able to get it to ring with a pre-installed remote locator app or security app (see “Protect your phone”).

Windows Phone 7 and iOS 5 come with an inbuilt option to track your phone. All you need to do is go online (on Live.com for Windows, andwww.icloud.com for iPhones), log in with the ID connected to the phone and click on “Find my Phone”. If the phone is on and emitting the GPS signal, you will be able to locate exactly where it is.

Android users can log on to Google Play with their Google account from a browser and install “Plan B” on their phone. Plan B starts automatically and sends your phone’s location to your Gmail address. To locate after 10 minutes, send an SMS to your phone from another phone with the word “locate”. Plan B uses both cell towers and GPS to locate a phone and can even switch on the GPS on some handsets.

If this doesn’t work, call your service provider’s customer care and request they block the SIM immediately.

Secure your data

If you have configured security software like Prey Anti-Theft, go online and wipe off the contents of your phone. BlackBerry has a basic app called BlackBerry Protect which can do it for you (see “Protect your phone”). Unfortunately, most smartphone owners don’t have any security installed.

Make a list of all the apps you had. Emails, apps, social networks, bank accounts—all passwords need to be changed. Changing email passwords is easy. With social networks, it’s a bit trickier. You can change the passwords to directly access Facebook and Twitter, but the third-party apps you have given access to (like Goodreads, Seesmic, etc.) can continue to post or see your social network using your old password. So after changing your password, manually logout from all third-party apps on Facebook and Twitter from the settings page of both social networks.

Most banks also have mobile apps. If you are using one of those, immediately log into the website of your bank and change your password. In case you can’t, call up customer care and have the application blocked.

If you had stored any bank passwords or ATM PINs in the contact lists or SMS drafts of your phone, visit your nearest bank branch and change the passwords.

Spread the word

Social networks are called social for a reason. As soon as your mobile phone goes missing, post about it on all your social networks—Twitter, Facebook, Google+, Quora, Pinterest, etc. If you misplaced the phone in the office, send an email to the whole office about it. Mention specifics about your phone—colour, build and any distinguishing feature like a scratch or a sticker or a case. Spreading the word is always useful, so people can’t use the phone to impersonate you.

Find your Imei number

Imei is a unique code encrypted number on each GSM device. This number is very useful in locating a phone even if its SIM is changed and GPS disabled. It’s written behind the battery of your phone. It can also be found by typing *#06# on a cellphone’s keypad. If your phone is already lost and you don’t know your Imei number, check a past cellphone bill. The Imei number is usually printed by the cellphone service provider on the bill.

Every time a phone logs into a particular network to make or receive calls, its Imei number is automatically emitted and tracked. This gets registered with the service provider. In India, like anywhere else in the world, the police have a database of phones which are in white, grey and black lists, so a phone which is in the black list is known to be stolen. Once it’s reported stolen by you, the Imei number is blacklisted across the country.

If an Imei device on the black list is used to make a call, the police will get to know about it immediately. You should also give your Imei number to the service centres of your handset manufacturer (Nokia, Samsung, etc). There is a chance that they will track the phone if it comes up for resale or reset.

File an FIR

Most city police websites have downloadable and printable FIR formats which can be used to file your complaint. Once you have put in the information about your cellphone (number, device type, last used, service provider and alternative contact details), the FIR should be submitted to the nearest police station. If you don’t want to go through the procedure of an FIR but simply inform the police, you can do that too. For example, you can simply email Delhi Police (delpol@vsnl.com) and inform them about your missing cellphone, says Tandon. You can also visitwww.delhipolice.nic.in/home/helpline/helpline.aspx to check the status of your FIR.

Continue reading “The smartphone recovery guide”

May 26, 2011June 16, 2016

Take charge of Facebook

Want to take control of your data and the way you use your Facebook account? Then try these tricks. By Shweta Taneja

When Tejas Pande, a 23-year-old Bangalore-based information technology professional, heard about a workshop called Facebook Resistances at the Centre for Internet and Society (www.cis-india.org) in the city, he signed up without thinking twice. “I spend almost 10 hours every day logged in to my Facebook account. Its fixed rituals were getting to me. So I wanted to find out how I can take more control of my account and make it more personal.”

The workshop, which was conducted by Marc Stumpel, a new media researcher and privacy advocate from Amsterdam, the Netherlands, had the same concerns. Stumpel’s workshop, which has travelled across the world from Barcelona and Berlin to Bangalore, is a research initiative that looks at changing the rules and functionality of Facebook. “We want to change your experience of the site and make it more personal,” he says, adding, “We also want you to safeguard your privacy in the Facebook world.” All this, he says, is possible through add-ons to your Internet browser. “People just need to know what these cracks are.”

Privacy rules: There are simple ways to safeguard your privacy on Facebook.

With more than 600 million active users, Facebook has become prone to attacks from hackers. Problems such as identity theft and malicious bot messages or status update worms are becoming common. Other than that, privacy concerns which have wracked Facebook since its inception continue to be controversial despite the “controls” it now offers.

The main reason for this is that the social networking mammoth keeps on pushing new features or changes constantly and rapidly, even before we can understand the ones that already exist. “Most often we don’t get a chance to opt in to new features, and can only opt out if they get our attention,”explains Stumpel. This leads to a loss of control over personal data and what Facebook can do with it.

To prevent this, it’s necessary to keep going back to those account settings and make full use of whatever control Facebook offers at any point. Here are some of the latest ways you can protect your online identity.

Log out of multiple sessions

How many times have you logged into Facebook from an Internet café or a friend’s mobile phone and forgotten to log out? Every time you do that, even though you close the browsing window or application at the end, Facebook keeps your session open, making you vulnerable to mischief. Now you can log into your account and see a list of active sessions with their details, which include the login time, device name, the approximate location of the login based on IP address, and browser and operating system. If some of them are unauthorized or you are unaware of these activities, shut them immediately and reset your password.

Take control now: In your Facebook account, go to Account > Account Settings > Account Security > Account Activity > Also Active. Facebook lists all your active, open browsers in the Also Active list. Click on End Activity on the unwanted ones. You can also take control of which gadgets you log on from with the Login Approvals feature that comes under Account Security. This feature lets you put a code alert, which can then be SMSed to your mobile phone as soon as you log in from an unrecognized computer. This will alert you in case there’s been a login from a source you don’t know about.

Avoid the unwanted photo tag

Did a friend just put your drunk as hell photograph, wearing a “I hate my boss” T-shirt and making an obscene gesture, online? And did your boss and wife see it and blast you for irresponsibility? Other than the embarrassment, you may get into trouble at home or at work because of friends tagging inane photographs they clicked somewhere you don’t remember.If it’s not photographs, it’s minor irritants such as social or festive messages that you unexpectedly get tagged in. Avoid such irritants with a simple click.

Take control now: Go to Account > Privacy Settings > Sharing on Facebook. Click on ‘Customize settings’. In the page that pops up, choose in each option who can see and comment on things you share, things on your Wall and things you’re tagged in.

Secure your account

Hacking is increasingly a problem on Facebook. The reason is that on most of the networks, Facebook (unlike email clients) works on an unsecured connection (http) and not a secure one (https). Now the social networking site gives you an option to choose a secure site for logging and browsing. You can also choose one-time passwords when logging into Facebook from a public connection.

Take control now: Go to Account > Account Settings> Account Security > Secure Browsing. Tick on Browse Facebook on a Secure Connection (https) whenever possible. In case you are using a public computer, take the option of Facebook One-time Passwords. Text “OTP” to 32665 on your mobile phone and you will get a new one-time password which expires within 20 minutes.

Stop Facebook from haunting you online

Baffled when your Facebook profile image pops up every time you are reading a news site or a travel website online asking you to “Like” a news or review since another friend from Facebook does? Or surprised when you are browsing a travel website and your friends’ photographs pop up suddenly, saying they have been there and “Recommend” a hotel or site? Facebook has partnered with some websites to, as it delicately puts it, “provide you with great, personalized experiences the moment you arrive, such as immediately playing the music you like or displaying friends’ reviews”. Basically if you are logged in to Facebook, these sites can take information from your account and display it and also tell you which of your friends have visited that particular city earlier. If you wish to stop Facebook from haunting you everywhere you go online on your browser, act now.

Take control now: To block a third party, go to Account > Privacy Settings > Apps and Websites> Instant Personalization. Deselect Enable Instant Personalization to stop getting these subtle suggestions from Facebook.

Cut off the ads

A Facebook friend, Mr-I-Like-Everything, “Likes” yet another page and it pops up as a suggestion on the right side of your profile. If you have been on Facebook long enough, chances are one of the “Sponsored” pages has been shoved under your nose at least once. These little ad blurbs which keep popping up on the right-hand side corner, or underneath your apps on the left side of your page, are a mix of advertisements as well as Facebook’s way of further profiling you. Facebook calls them “Suggestions” that add to your social personality, but they are just ads.

Read the complete article here.

Share

Share

Want to take control of your data and the way you use your Facebook account? Then try these tricks. By Shweta Taneja

Share